This report, part of the Next Generation Cyber Infrastructure Apex program, applies the expanded threat model developed in a previous publication to the institution/enterprise level reflecting attacker methods at a level relevant to implementation.
Enterprise Threat Model Technical Report—Cyber Threat Model for a Notional Financial Services Sector Institution
This technical report applies the expanded threat model described in a related publication to the institution/enterprise level reflecting attacker methods at a level relevant to implementation. It describes a representative notional financial services sector institution, identifies where in its enterprise architecture the threat events from the high-level threat model are applicable, and uses a specific scenario to illustrate the use of detailed threat event information.
Note: This report is part of a larger suite of publications supporting the Next Generation Cyber Infrastructure Apex program.